Route Advertisement to BGP Peer using null 0

Vivek Singh
Level 1

Hi Everyone,

Can anyone please explain, while advertising routes to a BGP peer, why we create a static route pointing towards null 0 when it won't make any value? I mean, after advertising the network to our BGP peer, our router/L3 switch will consider those packets from our BGP neighbor void if we would have a static route pointing towards null 0 for that particular network.

 

There is another thing: in our network environment we got some subnets from our ISP to NAT our internal traffic to global IP addresses. We are advertising those subnets towards them over BGP using a static route pointing towards null 0. I am a little bit confused how this setup is working.

 

WAN Distribution Router+FWSM module(R1)----->>Another Router(R2)----->ISP------------>Vendor

On router R2 we are advertising those prefixes which we got from the ISP back to them over BGP by creating static routes for the subnets pointing towards null 0, something like this. Suppose we got subnet 100.100.100.0/28 from the ISP:

router bgp 100

network 100.100.100.0 mask 255.255.255.240

ip route 100.100.100.0 255.255.255.240 null 0

On FWSM we have static NAT statements, something like this:

static (inside,outside) 100.100.100.2 192.168.10.16 netmask 255.255.255.255

Also we have inbound rules for our vendor IP so that they could access 192.168.10.10

access-list outside-in extended permit tcp host 200.200.200.200 host 100.100.100.2 eq http log

All routing has been configured and it is working.

 

Now here is my doubt.

When the vendor initiates a connection from IP 200.200.200.200 towards 100.100.100.2, how is the connection working if we have an intermediate router R2 which has a static route for 100.100.100.0/28 pointing towards null 0?

 

Please advise.

18 Replies

Thanks Jon for looking closely at it.

I don't know much about how FWSM functions. In our case FWSM is acting as a gateway for all our internal networks and DMZ. I mean we have an L3 VLAN interface on FWSM for our DMZ and internal networks, and the default gateway is pointing at the ISP IP address.

As I already said, we have an L2 VLAN (Vlan 10) on R1 for R2, and the L3 VLAN interface for that VLAN is on FWSM, which is 172.16.0.21/20. Now R2 has its own L3 interface having IP address 172.16.0.24/20, and OSPF is running on R2.

Now about R2: we have BGP configured between R2 and the ISP IP.

How FWSM is acting as a bridge between R1 and R2, that's what I am trying to understand.

Hi,

Please advise if there is anything missing in the information which I have given.

Peter Paluch
Cisco Employee

Hi Vivek,

In addition to Paul's great response, this topic has also been recently discussed in the following thread - you might want to have a look.

https://supportforums.cisco.com/discussion/12581356/what-static-null0-bgp-implementation

Best regards,
Peter

kam aujla
Level 1

Here's how I use the Null route.... Let's say that I have a /24 network internally (172.23.1.0/24) and I decide to subnet that further and create multiple SVIs on my router, and I want to advertise those routes to the rest of my network. Since BGP will only let you advertise the exact route (subnet), you have to have multiple network statements to advertise your subnets. However, if you want to advertise the original /24 (172.23.1.0/24), what you can do is create a "Null" route and advertise the /24 to the rest of the network.... When traffic destined for that network comes back to your router, it is NOT automatically dropped, since the routing table has more specific routes (subnets) in it to forward traffic.....

More specific routes always take precedence.... so if I have a /24 pointing to null zero, but in my routing table I have a smaller subnet, like 172.23.1.0/26, the traffic will be forwarded.

 

Hope this makes sense and helps. 
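
The behaviour described in the post above, as an added example that is not part of the original thread: a small longest-prefix-match model showing that the Null0 /24 satisfies the exact-match requirement of the BGP network statement while more specific subnets still forward. The interface names (Vlan10, Vlan20), the second /26 and the default route are assumptions made for the illustration.

```python
import ipaddress

# Constructed routing table modelled on the 172.23.1.0/24 example in the post.
# Vlan10, Vlan20, the second /26 and the default route are assumptions.
ROUTES = [
    ("172.23.1.0/24", "Null0"),     # static discard route for the aggregate
    ("172.23.1.0/26", "Vlan10"),    # connected SVI subnet
    ("172.23.1.64/26", "Vlan20"),   # connected SVI subnet
    ("0.0.0.0/0", "upstream"),      # default route towards the provider
]


def build_table(routes):
    """Parse (prefix, next_hop) string pairs into network objects."""
    return [(ipaddress.ip_network(prefix), hop) for prefix, hop in routes]


def can_advertise(table, prefix):
    """A BGP network statement needs an exact prefix/mask match in the table."""
    wanted = ipaddress.ip_network(prefix)
    return any(net == wanted for net, _ in table)


def lookup(table, dst):
    """Longest-prefix match: return the most specific (network, next_hop)."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, hop) for net, hop in table if addr in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)


def forward(table, dst):
    """Describe what the router does with a packet for dst."""
    hit = lookup(table, dst)
    if hit is None:
        return "no route"
    _, hop = hit
    return "discard" if hop == "Null0" else f"forward via {hop}"


if __name__ == "__main__":
    table = build_table(ROUTES)
    print("advertise /24:", can_advertise(table, "172.23.1.0/24"))
    for dst in ("172.23.1.10", "172.23.1.70", "172.23.1.200"):
        print(dst, "->", forward(table, dst))
```

Only addresses in the part of the /24 that has no more specific route reach the Null0 entry; without that entry they would match the default route and be sent back upstream instead of being dropped.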
